2 files changed, 3 insertions, 3 deletions
diff --git a/rrd.php b/rrd.php
index 1b5997b..b4c7f68 100644
--- a/rrd.php
+++ b/rrd.php
@@ -4,7 +4,7 @@ require_once 'conf/common.inc.php';
 require_once 'inc/functions.inc.php';
 require_once 'inc/html.inc.php';
-if ($file = validateRRDPath($CONFIG['datadir'], $_SERVER['PATH_INFO'])) {
+if ( $file = validateRRDPath($CONFIG['datadir'], urldecode($_SERVER["QUERY_STRING"])) ) {
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename='.basename($file));
        header("Expires: " .date(DATE_RFC822,strtotime($CONFIG['cache']." seconds")));
diff --git a/type/Default.class.php b/type/Default.class.php
index 5e19e73..c4fa8a9 100644
--- a/type/Default.class.php
+++ b/type/Default.class.php
@@ -122,9 +122,9 @@ class Type_Default {
        function parse_filename($file) {
                if ($this->graph_type == 'canvas') {
-                        $file = 'rrd.php/' . str_replace($this->datadir . '/', '', $file);
+                        $file = str_replace($this->datadir . '/', '', $file);
                        # rawurlencode all but /
-                        $file = str_replace('%2F', '/', rawurlencode($file));
+                        $file = 'rrd.php?' . str_replace('%2F', '/', rawurlencode($file));
                } else {
                        # escape characters
                        $file = str_replace(array(' ', '(', ')'), array('\ ', '\(', '\)'), $file);

diff --git a/rrd.php b/rrd.php index 1b5997b..b4c7f68 100644 --- a/rrd.php +++ b/rrd.php
@@ -4,7 +4,7 @@ require_once 'conf/common.inc.php';
4	require_once 'inc/functions.inc.php';	4	require_once 'inc/functions.inc.php';
5	require_once 'inc/html.inc.php';	5	require_once 'inc/html.inc.php';
6		6
7	if ($file = validateRRDPath($CONFIG['datadir'], $_SERVER['PATH_INFO'])) {	7	if ( $file = validateRRDPath($CONFIG['datadir'], urldecode($_SERVER["QUERY_STRING"])) ) {
8	header('Content-Type: application/octet-stream');	8	header('Content-Type: application/octet-stream');
9	header('Content-Disposition: attachment; filename='.basename($file));	9	header('Content-Disposition: attachment; filename='.basename($file));
10	header("Expires: " .date(DATE_RFC822,strtotime($CONFIG['cache']." seconds")));	10	header("Expires: " .date(DATE_RFC822,strtotime($CONFIG['cache']." seconds")));


diff --git a/type/Default.class.php b/type/Default.class.php index 5e19e73..c4fa8a9 100644 --- a/type/Default.class.php +++ b/type/Default.class.php
@@ -122,9 +122,9 @@ class Type_Default {
122		122
123	function parse_filename($file) {	123	function parse_filename($file) {
124	if ($this->graph_type == 'canvas') {	124	if ($this->graph_type == 'canvas') {
125	$file = 'rrd.php/' . str_replace($this->datadir . '/', '', $file);	125	$file = str_replace($this->datadir . '/', '', $file);
126	# rawurlencode all but /	126	# rawurlencode all but /
127	$file = str_replace('%2F', '/', rawurlencode($file));	127	$file = 'rrd.php?' . str_replace('%2F', '/', rawurlencode($file));
128	} else {	128	} else {
129	# escape characters	129	# escape characters
130	$file = str_replace(array(' ', '(', ')'), array('\ ', '\(', '\)'), $file);	130	$file = str_replace(array(' ', '(', ')'), array('\ ', '\(', '\)'), $file);